﻿<?php
/*********************************************************************\
* This File is a part of BH-PANEL (Breizh-Heberg Panel v2.1)
* Copyright (C) 2008-2009 the BH Developpers : Vincent Giersch <mail@vincordi.fr>, Cyprien Laleau <fanning.fr@gmail.com> and Edwin Cabiten <marmottes44@hotmail.fr>
* See file AUTHORS to get more informations

* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.

* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.

* You should have received a copy of the GNU General Public License
* along with this program.  If not, see <http://www.gnu.org/licenses/>.
/*********************************************************************/

include('php/lib/panel_inc.php');
include ROOT.'php/lib/offres_inc.php';
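// Hosting order, step 2: prices the offer selected in the session, and on POST
// validates the terms checkbox, an optional promo code, the wallet balance and
// the requested Linux user name before recording the order and debiting the wallet.
// Sets $title, $tplinc and $parse for the page renderer and assigns template
// variables through $tpl.
//
// Error codes assigned to $error: 2 = wallet too low, 3 = user name reserved or
// already taken, 4 = terms not accepted, 5 = promo code not valid.
if(isset($_SESSION['commande_heberg_offre']) AND isset($_SESSION['u_nic'])) {
	// Every value that ends up inside a quoted SQL literal is cast or escaped first,
	// including session values: they were filled in by earlier steps of the order flow.
	// NOTE(review): mysql_real_escape_string() uses the default link; confirm query()
	// runs on that same connection.
	$offre_id = intval($_SESSION['commande_heberg_offre']);
	$u_nic_sql = mysql_real_escape_string($_SESSION['u_nic']);
	$offre = mysql_fetch_array(query("SELECT * FROM offres WHERE id='".$offre_id."'"));
	
	if($_SESSION['commande_heberg_offre'] != 3) {
		$prix = number_format($offre['prix'] * $_SESSION['commande_heberg_duree'], 2, '.', '');
	}
	else {
		// Offer 3 takes its unit price from the custom configuration kept in the session.
		$prix = $_SESSION['commande_heberg_duree']*$_SESSION['commande_heberg_surmes']['prix'];
	}
	// Form POST
	if(isset($_POST['domaine']) OR isset($_POST['user_linux'])) {
		$error = 0;
		// Set when a use-limited promo code was accepted; its counter is only bumped
		// once the order has really been recorded (see below).
		$promo_a_consommer = false;
		// Request fields may be missing or posted as arrays; normalise them to strings.
		$post_cgv = isset($_POST['cgv']) ? $_POST['cgv'] : '';
		$post_code_promo = (isset($_POST['code_promo']) AND is_string($_POST['code_promo'])) ? $_POST['code_promo'] : '';
		$post_user_linux = (isset($_POST['user_linux']) AND is_string($_POST['user_linux'])) ? $_POST['user_linux'] : '';
		$post_description = (isset($_POST['description']) AND is_string($_POST['description'])) ? $_POST['description'] : '';
		
		$infos = mysql_fetch_array(query("SELECT * FROM users WHERE u_nic = '".$u_nic_sql."'"));
		if($post_cgv == 1) {
			// Promo codes
			if($post_code_promo != "") {
				// Reduced to [a-z0-9], so $code is safe to place in the SQL literals below.
				$code = preg_replace('#([^a-z0-9])+#i', '', strtolower($post_code_promo));
				$code_parametres = query("SELECT * FROM commandes_codes_promos WHERE code ='".$code."'");
				if(mysql_num_rows($code_parametres) == 1) {
					$code_parametres = mysql_fetch_array($code_parametres);
					if($code_parametres['type_commande'] == 1) {
						// Time-limited code: valable_parametre is compared with the current timestamp
						if($code_parametres['valable_type'] == 0) {
							if($code_parametres['valable_parametre'] > time()) {
								$valable = 1;
							}
							else {
								$valable = 0;
							}
						}
						// Use-limited code: valable_parametre is the maximum number of uses
						else {
							if($code_parametres['valable_parametre'] > $code_parametres['valable_current']) {
								// Do not count the use yet: a later wallet or user-name failure
								// would otherwise burn one use of the code without any order.
								$promo_a_consommer = true;
								$valable = 1;
							}
							else {
								$valable = 0;
							}
						}
					}
					else {
						$valable = 0;
					}
					// Discount
					if($valable == 1) {
						if($code_parametres['type'] == 0) {
							$prix = $prix - ($prix * $code_parametres['reduction'] / 100);
						}
						else {
							$prix = $prix - $code_parametres['reduction'];
						}
						// A discount larger than the price must not produce a negative total:
						// the wallet UPDATE below subtracts $prix, so a negative value would
						// credit the account instead of debiting it.
						if($prix < 0) {
							$prix = 0;
						}
					}
				}
				else {
					$valable = 0;
				}
				// A code that is not valid is an error.
				if($valable == 0) {
					$error = 5;
				}
			}
			// Is the wallet balance sufficient?
			// NOTE(review): the balance is checked here and debited further down in a
			// separate statement; two parallel requests could both pass this check.
			// Consider a conditional debit or a transaction.
			if($prix <= $infos['u_portemonnaie']) {
				// Reduced to [a-z0-9-], so $domaine is safe to place in the SQL literals below.
				$domaine = preg_replace('#([^a-z0-9\-])+#i', '', strtolower($post_user_linux));
				$verif_pris = mysql_fetch_array(query("SELECT COUNT(*) AS verif FROM comptes_heberg WHERE user_linux='".$domaine."'"));
				$verif_pris2 = mysql_fetch_array(query("SELECT COUNT(*) AS verif FROM commandes_data WHERE domaine_or_user_linux='".$domaine."'"));
				// Names reserved for infrastructure hosts; the empty string is refused too.
				$reserves = array("www", "ns", "ns1", "ns0", "ns2", "ns3", "ns4", "ftp0", "ftp1", "ftp2", "ftp3", "phpmyadmin", "mail", "");
				// "> 0" rather than "== 1": a name already present in several rows is taken as well.
				if(in_array($domaine, $reserves, true)
						OR $verif_pris['verif'] > 0
						OR $verif_pris2['verif'] > 0) {
						$error = 3;
				}
				if($error == 0) {
					// Affiliation: keep the referrer id from the cookie only if it matches a user
					$ref_partner = isset($_COOKIE['ref_partner']) ? intval($_COOKIE['ref_partner']) : 0;
					$affil = mysql_fetch_array(query("SELECT COUNT(*) AS verif FROM users WHERE u_nic = '".$ref_partner."'"));
					if($affil['verif'] == 1) {
						$affil = $ref_partner;
					}
					else {
						$affil = 0;
					}
					
					// Offer 3 records the custom unit price; other offers record the computed price.
					if($_SESSION['commande_heberg_offre'] == 3) {
						$prix_unitaire = $_SESSION['commande_heberg_surmes']['prix'];
					}
					else {
						$prix_unitaire = $prix;
					}
					// The encoded JSON can contain quotes and backslashes; unescaped, they
					// would break out of the SQL literal or be stripped from the stored value.
					$parametre_sql = mysql_real_escape_string(json_encode($_SESSION['commande_heberg_surmes']));
					$duree_sql = mysql_real_escape_string($_SESSION['commande_heberg_duree']);
					$prix_unitaire_sql = mysql_real_escape_string($prix_unitaire);
					$prix_sql = mysql_real_escape_string($prix);
					
					query("INSERT INTO commandes_data(id_produit, duree, prix, prix_total, u_nic, type_produit, type_commande, domaine_or_user_linux, parametre, commande_etat, affiliation, server_apache, server_mysql) 
					VALUES('".$offre_id."', '".$duree_sql."' , '".$prix_unitaire_sql."', '".$prix_sql."', '".$u_nic_sql."', 0, 1, '".$domaine."', '".$parametre_sql."', '".$bzh_config['validation_admin_heberg_pay']."', '".$affil."', '".$bzh_config['server_pay_apache_default']."', '".$bzh_config['server_pay_mysql_default']."')");
					
					// $prix is the result of arithmetic (or of number_format) at this point,
					// so it is numeric and can be used unquoted.
					query("UPDATE users SET u_portemonnaie = u_portemonnaie - ".$prix." WHERE u_nic = '".$u_nic_sql."'");	
					
					// The order exists now: count the use of a use-limited promo code.
					if($promo_a_consommer) {
						query("UPDATE commandes_codes_promos SET valable_current = valable_current + 1 WHERE code = '".$code."'");
					}
					
					unset($_SESSION['commande_heberg_surmes']['prix']);
					unset($_SESSION['commande_heberg_duree']);
					unset($_SESSION['commande_heberg_offre']);
					
				}
					
					// Confirmation page; replaced by the form again below when $error != 0.
					$title = "Commande validée";
					$tplinc = "Offres/offres-hebergement-commande-2";
					$parse = 1;

			}
			else {
				$error = 2;
			}
		}
		else {
			$error = 4;
		}
		
		// Error display: show the order form again with the error code
		if($error != 0) {
			$title = "Paramètres de la commande";
			if(($_SESSION['commande_heberg_offre'] == 2) AND ($_SESSION['commande_heberg_duree'] == 12)) {
				$tpl->assign(array("dom" => 1));
			}
			else {
				$tpl->assign(array(
					"dom" => 0,
					"ext_default" => $ext_default 
				));
			}
			// NOTE(review): the two *_reload values are request data echoed back into the
			// page. htmlentities() with default flags leaves single quotes alone, and
			// mysql_escape_string() is SQL escaping, not output encoding. Check the context
			// the template uses them in (attribute, text, script) and encode for it.
			$tpl->assign(array(
				"code_promo_default" => $bzh_config['code_promo_default'],
				"code_promo_change" => $bzh_config['code_promo_change'],
				"offre" => $_SESSION['commande_heberg_offre'],
				"prix" => $prix,
				"error" => $error,
				"load" => "new Effect.Pulsate(document.getElementById('error_div'))",
				"description_reload" => mysql_escape_string(htmlentities($post_description)),
				"code_reload" => mysql_escape_string(htmlentities($post_code_promo)),
			));
			$tplinc = "Offres/offres-hebergement-commande-1";
			$parse = 1;
		}
	}
	else {
		// First display of the order form (nothing posted yet)
		$title = "Paramètres de la commande";
		if(($_SESSION['commande_heberg_offre'] == 2) AND ($_SESSION['commande_heberg_duree'] == 12)) {
			$tpl->assign(array("dom" => 1));
		}
		else {
			$tpl->assign(array(
				"dom" => 0,
				"ext_default" => $ext_default 
			));
		}
		$tpl->assign(array(
			"code_promo_default" => $bzh_config['code_promo_default'],
			"code_promo_change" => $bzh_config['code_promo_change'],
			"offre" => $_SESSION['commande_heberg_offre'],
			"prix" => $prix,
			"duree" => $_SESSION['commande_heberg_duree']
		));
		$tplinc = "Offres/offres-hebergement-commande-1";
		$parse = 1;
	}
}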
?>
